The Threat of Weaponized Packages Attacks on software developers no longer require breaching a massive corporate platform. Instead, a single cleverly disguised package achieves the same devastating result. A recent incident within the npm...
The pursuit of a corporate VPN client across the digital expanse can culminate in the catastrophic exfiltration of credentials. The orchestration of a campaign by the cybercriminal syndicate designated Storm-2561 starkly illuminates the terrifying...
Occasionally, the most perilous phishing missives appear as though they were dispatched by a colleague in the adjacent office. This is precisely the strategy currently favored by adversaries who have mastered the art of...
According to a new report from Microsoft Threat Intelligence, the financially motivated group Storm-2657 is conducting large-scale attacks against universities and private companies, using stolen employee credentials to redirect payroll funds into their own...
The Microsoft Teams messenger, widely used for corporate communication, has increasingly become a convenient arena for cyberattacks. According to the Microsoft Threat Intelligence team, malicious actors are actively exploiting the platform for a broad...
According to a report by Microsoft Threat Intelligence, the group Storm-0501 has shifted its focus from traditional on-premises ransomware campaigns to tactics centered on cloud services. Whereas in the past attackers deployed encryptors onto...
